Archive

In my previous post i discussed about the Aliases and Permission templates, today lets see what are Alias Sets and Permission sets and how exactly security works in Documentum.

What is Alias Set?

An alias set is simply a list of aliases (like “reviewer” or “supervisor”) and the values that they resolve to. Whenever an object is referenced the permission set applied on it will be taken and if this set refers to an alias set then the alias value will be resolved and applied on the object and access will be restricted based on it.

Please Note in some circumstances you may assign an empty alias value and let the client application prompt the user for a value when it is needed.

Alias Sets are an important part of a complex Documentum system’s architecture, providing a level of abstraction that can significantly reduce the effort needed to administer the Docbase. Alias sets remove the need to hard-code the names of users, groups, locations, and permission sets throughout your application and instead provide a means for setting these values dynamically as your personnel changes and your business processes evolve.

What are Permission Sets?

Access Control Lists (s) [ACLs] are Documentum’s method of restricting access to important documents and folders. ACLs control Documentum’s security layer, one of the most flexible and powerful security schemes around. The permission can also be applied on workflow access and lifecycle application also.

Access control lists are stored as persistent objects in the Docbase. Although ACLs are persistent objects having an object ID, they are not SysObjects. Version cannot be created for. If modification is done an, the server either overwrites with the changes or copies the changes the copy. What option it chooses depends on whether the directly to make the changes or reference an object that uses the.

Some Uses can be:

You can assign seven different levels of access to your documents in the system

You can assign access to individual users or to groups of users

Users can create their own private s that only they can use

System Admins can create System-Wide s that can be used by everyone

Extended Permissions let you really tweak what a user can do to an object

Different folders can have different ACLs based on requirement irrespective of their hierarchy.

This contains information about which users and groups have access to the document, and what level of access each has. When a user attempts to access an object, the Documentum Server looks in to determine which groups have access. It then looks in these groups to determine if the user is in any of the groups. It determines the user’s access level by awarding the user the highest level of access taking into account all the groups that the user is a member of.

Please Note even if you explicitly assign NONE access to a user, if they are also in a group that has READ access, the user will have READ access to the object. Always the individual privilege will be overridden by the group privilege.

Now does the Security feature Works in Documentum:

When an object is applied with some permission set then corresponding entry will be made in the backend with the reference to the applied ACL. Now when an object is accessed after that if the ACL is referring to any alias set then first the alias is converted in to actual value and from where it map’s the current accessing user’s access and provides access based on the ACL entries for that user to that specific Object that is being currently accessed. Because of this Documentum has provided wide variety for the application of security across the System. It can be like a person who is an administrator of one cabinet will have max permit of delete in those folders and cabinets where as in the other folders and cabinets and documents that are present in the system he will be having normal read permission or different based on the requirement.

Alias sets provide a means resolving attribute values that specify user and group names. This is an extremely powerful feature of Documentum because it allows you to design s, Lifecycles, and Workflows that can be used in multiple contexts without modification. Aliases are place holders for user names, group names, or folder paths.

Using aliases lets you write applications or procedures that can be used and reused in many situations because important information such as the owner of a document, a workflow activity’s performer, or the user permissions in a document’s is no longer hard coded into the application. Instead, aliases are placeholders for these values. The aliases are resolved to real user names or group names or folder paths when the application executes.

Similarly we have Permission templates which are created in the system with specific business needs and it refers to alias set. The templates can be applied on the individual object or group of objects. If a template is not explicitly applied to the object then a default template which is internally created by Documentum will be applied to the objects. Each object in the system that is created such as folders, documents, Workflows, lifecycles can be applied with individual permission. The application becomes even more flexible if you assign a template to the document. When the template is assigned to an object, the server creates a copy of the, resolves the aliases in the copy to real user or group names, and assigns the copy to the document. So when the actual template is changed with some permission information the copy normally gets updated.

Note: In some cases the copy of the template which is automatically created will not get updated. Some objects may be referring to the original Template that needs to be dereference and then the same needs to be applied.

Will bring out the difference between Alias Set and Permission Set in my Next Post.

ARBITRARY

In addition to reliability, here are 5 reasons why WordPress is the best platform for any
online business:

1. Free. If you have never heard about open source software, you might be wondering why something as great as WordPress is free. WordPress is free because it has been developed by a worldwide community of developers, who do it as a hobby and because they love the open source spirit. Not only WordPress itself is free but also most of its themes and plugins are free, which means that you can create a really rocking site for free.
2. Easy to use. Ease of use is another reason why WordPress is a great choice for an online platform. This means that someone with little experience will be able to deal with WordPress with no or just a little help from the pros.
3. Secure. As far as online business is concerned, security is of the greatest importance. If your platform is insecure, this is a threat to everything you do and you just can’t afford to go for an insecure platform. Fortunately, in regards to security, WordPress tops the list. It is true that there is no unhackable software and nobody can guarantee you that even with the most stringent security measures your WordPress site will never be hacked but it does make a difference whether you install a security fortress or an easy target for a beginner hacker.
4. Highly customizable. You will certainly want your online platform to have a unique look. With WordPress this is easy to achieve. There are thousands of themes you can choose from and thousands of plugins to add in order to get exactly the functionality you need. If you are a web designer and/or web developer, you can also use existing themes and plugins and modify them exactly to your liking. Not many other CMS offer such customization freedom!
5. Great community. Last, but not least, another reason why WordPress is such a great online platform is its community. The forums at WordPress.org and the other WordPress-related sites contain tons of threads about everything WordPress-related. Additionally, almost always when you are stuck with a problem and ask for help, knowledgeable and skillful WordPress gurus rush to your help. The WordPress community is simply great and you should experience it yourself.

WordPress is a top CMS. It is easy to start using, yet it is powerful and you can build your site exactly the way you dreamed it. If you have never tried WordPress, get it today and try it out. Just don’t forget to browse through wordpress hosting guides to see which WordPress hosts that are worth dealing with and which aren’t. WordPress is reliable and secure but a poor web host is more than it can stand, so don’t take any chances.

EMAIL SUBSCRIPTION

Enter your email address to subscribe to this blog and receive notifications of new posts by email.